Authorization Based on Evidence and Trust

Authorization Based on Evidence and Trust

Developing authorization mechanisms for secure information access by a large community of users in an open environment is challenging. Current research efforts grant privilege to a user based on her objective properties that are demonstrated by digital credentials (evidences). However, holding crede...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Bhargava, Bharat, Zhong, Yuhui
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access Control
Applied sciences
Computer science
control theory
systems
Evidence Statement
Exact sciences and technology
Memory and file management (including protection and security)
Memory organisation. Data processing
Role Assignment
Software
Trust Information
Trust Management
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Developing authorization mechanisms for secure information access by a large community of users in an open environment is challenging. Current research efforts grant privilege to a user based on her objective properties that are demonstrated by digital credentials (evidences). However, holding credentials is not sufficient to certify that a user is trustworthy. Therefore, we propose using the notion of trust to characterize the probability that a user will not harm an information system. We present a trust-enhanced role-mapping server, which cooperates with RBAC (Role-Based Access Control) mechanisms to together implement authorization based on evidence and trust. A prerequisite for this is our proposed formalization of trust and evidence.
ISSN:0302-9743
1611-3349
DOI:10.1007/3-540-46145-0_10